11 anni fa · 6db6c6744f
--- a/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt
+++ b/hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt
@@ -385,6 +385,9 @@ Release 2.4.0 - UNRELEASED
 
				     HDFS-6094. The same block can be counted twice towards safe mode
			
 
				     threshold. (Arpit Agarwal)
			
 
				 
			
 
				+    HDFS-5516. WebHDFS does not require user name when anonymous http requests
			
 
				+    are disallowed. (Miodrag Radulovic via cnauroth)
			
 
				+
			
 
				   BREAKDOWN OF HDFS-5698 SUBTASKS AND RELATED JIRAS
			
 
				 
			
 
				     HDFS-5717. Save FSImage header in protobuf. (Haohui Mai via jing9)
			
--- a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSConfigKeys.java
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/DFSConfigKeys.java
@@ -505,6 +505,7 @@ public class DFSConfigKeys extends CommonConfigurationKeys {
 
				   public static final String  DFS_NAMENODE_CHECKED_VOLUMES_KEY = "dfs.namenode.resource.checked.volumes";
			
 
				   public static final String  DFS_NAMENODE_CHECKED_VOLUMES_MINIMUM_KEY = "dfs.namenode.resource.checked.volumes.minimum";
			
 
				   public static final int     DFS_NAMENODE_CHECKED_VOLUMES_MINIMUM_DEFAULT = 1;
			
 
				+  public static final String  DFS_WEB_AUTHENTICATION_SIMPLE_ANONYMOUS_ALLOWED = "dfs.web.authentication.simple.anonymous.allowed";
			
 
				   public static final String  DFS_WEB_AUTHENTICATION_KERBEROS_PRINCIPAL_KEY = "dfs.web.authentication.kerberos.principal";
			
 
				   public static final String  DFS_WEB_AUTHENTICATION_KERBEROS_KEYTAB_KEY = "dfs.web.authentication.kerberos.keytab";
			
 
				   public static final String  DFS_NAMENODE_MAX_OP_SIZE_KEY = "dfs.namenode.max.op.size";
			
--- a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/NameNodeHttpServer.java
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/NameNodeHttpServer.java
@@ -174,6 +174,13 @@ public class NameNodeHttpServer {
 
				           DFSConfigKeys.DFS_WEB_AUTHENTICATION_KERBEROS_KEYTAB_KEY +
			
 
				           "' is not set.");
			
 
				     }
			
 
				+    String anonymousAllowed = conf
			
 
				+      .get(DFSConfigKeys.DFS_WEB_AUTHENTICATION_SIMPLE_ANONYMOUS_ALLOWED);
			
 
				+    if (anonymousAllowed != null && !anonymousAllowed.isEmpty()) {
			
 
				+    params.put(
			
 
				+        DFSConfigKeys.DFS_WEB_AUTHENTICATION_SIMPLE_ANONYMOUS_ALLOWED,
			
 
				+        anonymousAllowed);
			
 
				+    }
			
 
				     return params;
			
 
				   }
			
 
				 
			
--- a/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/web/AuthFilter.java
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/web/AuthFilter.java
@@ -64,8 +64,10 @@ public class AuthFilter extends AuthenticationFilter {
 
				     // set authentication type
			
 
				     p.setProperty(AUTH_TYPE, UserGroupInformation.isSecurityEnabled()?
			
 
				         KerberosAuthenticationHandler.TYPE: PseudoAuthenticationHandler.TYPE);
			
 
				-    //For Pseudo Authentication, allow anonymous.
			
 
				-    p.setProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED, "true");
			
 
				+    // if not set, enable anonymous for pseudo authentication
			
 
				+    if (p.getProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED) == null) {
			
 
				+      p.setProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED, "true");
			
 
				+    }
			
 
				     //set cookie path
			
 
				     p.setProperty(COOKIE_PATH, "/");
			
 
				     return p;
			
--- a/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/web/TestAuthFilter.java
+++ b/hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/web/TestAuthFilter.java
@@ -75,4 +75,27 @@ public class TestAuthFilter {
 
				     Assert.assertEquals("true",
			
 
				         p.getProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED));
			
 
				   }
			
 
				+  
			
 
				+  @Test
			
 
				+  public void testGetSimpleAuthDisabledConfiguration() throws ServletException {
			
 
				+    AuthFilter filter = new AuthFilter();
			
 
				+    Map<String, String> m = new HashMap<String,String>();
			
 
				+    m.put(DFSConfigKeys.DFS_WEB_AUTHENTICATION_SIMPLE_ANONYMOUS_ALLOWED,
			
 
				+        "false");
			
 
				+    FilterConfig config = new DummyFilterConfig(m);
			
 
				+    Properties p = filter.getConfiguration("random", config);
			
 
				+    Assert.assertEquals("false",
			
 
				+        p.getProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED));
			
 
				+  }
			
 
				+  
			
 
				+  @Test
			
 
				+  public void testGetSimpleAuthDefaultConfiguration() throws ServletException {
			
 
				+    AuthFilter filter = new AuthFilter();
			
 
				+    Map<String, String> m = new HashMap<String,String>();
			
 
				+    
			
 
				+    FilterConfig config = new DummyFilterConfig(m);
			
 
				+    Properties p = filter.getConfiguration("random", config);
			
 
				+    Assert.assertEquals("true",
			
 
				+        p.getProperty(PseudoAuthenticationHandler.ANONYMOUS_ALLOWED));
			
 
				+  }
			
 
				 }